1. Field of the Invention
The present invention relates to mobile communication technologies. More particularly, the present invention relates to a method for obtaining a secure key.
2. Background of the Invention
In conventional mobile communication systems, in order to provide better services to a user group, a Closed Subscriber Group (CSG) should be formed with multiple wireless resource management entities for a specific user group. The wireless resource management entities may include network entities in the wireless access network that manage wireless resources and the access of User Equipment (UE); in various mobile communication systems these network entities may be base stations or cells. For instance, all users of a corporation or a school belong to a specific user group, and for that user group a CSG is formed with multiple wireless resource management entities in order to provide special access services. For a specific user group, it is common that the CSG is formed with multiple wireless resource management entities. A description is given hereafter using the Long Term Evolution (LTE) system of the System Architecture Evolution (SAE) as an example.
FIG. 1 is a schematic diagram illustrating a structure of an LTE system according to the related art.
Referring to FIG. 1, in a wireless access network of the LTE system, the wireless resource management entities include Evolved NodeBs (eNBs) 102 and Home Evolved NodeBs (HeNBs) 103, and may further include a HeNB Gateway (HeNB GW) 104, as required. The eNB may connect directly with the Mobility Management Entity (MME) 105 in the core network. When the wireless resource management entities include a HeNB GW 104, the HeNB 103 should connect with the MME 105 through the HeNB GW 104. When the wireless resource management entities do not include the HeNB GW 104, the HeNB 103 may connect directly to the MME 105.
In order to provide more access services in conventional mobile communication systems, various types of HeNBs, such as open HeNBs, hybrid HeNBs, and CSG HeNBs, are provided. An open HeNB has no specific user group that accesses it, and thus any UE can access an open HeNB. CSG HeNBs are used by a specific user group, such as all users of the above-noted corporation or school. CSG HeNBs are accessed by the UEs of the specific user group they serve, and these UEs are referred to as CSG UEs. A hybrid HeNB forms, together with other HeNBs, a CSG in order to provide better access services to the CSG UEs it serves. Additionally, hybrid HeNBs also allow access by other non-CSG UEs, which are UEs not belonging to the CSG.
According to the above description, the conventional mobile communication system includes a CSG formed with multiple CSG wireless resource management entities, such as CSG HeNBs. The conventional mobile communication system also includes hybrid wireless resource management entities, such as hybrid HeNBs, for providing more access services. At the same time, an eNB may also support the functions of the CSG, or may be used as a hybrid eNB while supporting the CSG functions.
FIG. 2 is a schematic diagram illustrating a handover process for a UE moving between HeNBs or eNBs according to the related art.
Referring to FIG. 2, the movement of the UE is implemented through an S1 handover process. As shown in FIG. 2, optional parts of the S1 handover process which are well known to those skilled in the art are omitted in the following description. The S1 handover process mainly includes the following steps. In step 201, a Source-(H)eNB (S-(H)eNB) sends a handover required message to a HeNB GW. The HeNB GW sends the handover required message to the MME in step 202. Next, the MME sends a handover request message to the HeNB GW, and the HeNB GW sends the handover request message to a Target-(H)eNB (T-(H)eNB) in step 203. In step 204, the T-(H)eNB allocates resources and sends a handover request acknowledgement message to the HeNB GW, and the HeNB GW sends the handover request acknowledgement message to the MME.
In step 205, the MME sends a handover command message to the HeNB GW, and the HeNB GW sends the handover command message to the S-(H)eNB. The S-(H)eNB sends the handover command message to the UE in step 206. In step 207, the UE synchronizes itself to the target cell and sends a handover acknowledgement message to the T-(H)eNB. Next, the T-(H)eNB sends a handover notification message to the HeNB GW, and the HeNB GW sends the handover notification message to the MME in step 208. Then, the MME sends an update bearer request message to a Serving Gateway (S-GW)/Packet Data Network Gateway (PDN GW) in step 209. For convenience of description, the signaling between the S-GW and the PDN GW is omitted. The S-GW mainly provides user plane functions, and the PDN GW is responsible for charging, lawful interception, and other similar functions. According to the UE's context information, if the PDN GW has requested the UE location and/or user CSG information, the MME carries the UE location and user CSG information elements in the update bearer request message.
Next, in step 210, the S-GW/PDN GW sends the update bearer response message to the MME. The UE initiates the Tracking Area Update (TAU) process in step 211. In step 212, the MME sends a UE context release command message to the HeNB GW, and the HeNB GW sends the UE context release command message to the S-(H)eNB. In step 213, the S-(H)eNB sends a UE context release complete message to the HeNB GW, and the HeNB GW sends the UE context release complete message to the MME.
It should be noted that the S-(H)eNB and the T-(H)eNB in FIG. 2 may each be a HeNB or an eNB, because the above process also applies to the S1 handover when the UE moves between eNBs. Thus, S-eNB denotes a Source-eNB, T-eNB denotes a Target-eNB, S-HeNB denotes a Source-HeNB, and T-HeNB denotes a Target-HeNB.
It can be seen that when there are many HeNBs or eNBs, if the above handover method is adopted and every UE movement between HeNBs and eNBs goes through the S1 handover, a very heavy load is placed on the core network, and the large number of HeNBs or eNBs reduces the efficiency of handovers performed by the UE under the same HeNB GW. Under this circumstance, if the handover process of the UE terminates at the gateway, the load placed on the core network by handovers may be reduced greatly. However, the communication protocol in the conventional standard does not provide a detailed solution in which the handover process ends at the gateway. Moreover, the security mechanism in the conventional standard also does not allow a handover that terminates at the gateway.
FIG. 3 is a schematic diagram illustrating the structure of the encryption key hierarchy in an Evolved Universal Mobile Telecommunications System (UMTS) Terrestrial Radio Access Network (E-UTRAN) according to the related art.
Referring to FIG. 3, K is a permanent key stored in the Universal Subscriber Identity Module (USIM) on a universal integrated circuit card and in the Authentication Center (AuC). A Cipher Key (CK) and an Integrity Key (IK) are generated by the AuC and the USIM in the Authentication and Key Agreement (AKA) process. The CK and IK are processed differently in Evolved Packet System (EPS) security contexts and in legacy security contexts.
The Access Security Management Entity Key (KASME) is an intermediate key generated by the UE and the MME after the AKA. The UE and the MME further generate the key for Non-Access Stratum (NAS) encryption (KNASenc) and the key for NAS integrity protection (KNASint) from the KASME. The Evolved Node Key (KeNB) is a key obtained by the UE and the MME, or by the UE and the eNB. A Next Hop (NH) key is a key for forward security derived by the UE and the MME. A key KUPenc for user plane encryption on the air interface access stratum, a key KRRCenc for control plane encryption, and a key KRRCint for control plane integrity protection are further derived from the KeNB.
FIG. 4 is a schematic diagram illustrating the principle for generating the key during the handover process according to the related art.
Referring to FIG. 4, the initial KeNB is calculated from the KASME and the NAS uplink COUNT. When the UE and the eNB need to establish the initial Access Stratum (AS) security context, the KeNB and the NH are derived by the MME and the UE. Both the KeNB and the NH are derived from the KASME. An NH Chaining Counter (NCC) is associated with each KeNB and NH. Each KeNB is associated with the NCC of the NH from which that KeNB is derived. At the beginning, the KeNB is derived directly from the KASME; thus, the KeNB is associated with a virtual NH whose corresponding NCC is 0. At the beginning of the establishment, the derived NH corresponds to NCC 1. The initial NCC is 0 when the eNB receives the initial context setup request.
In the process of a handover, the eNB key used between the UE and the target eNB is derived from the current KeNB or from the NH. In order to distinguish the eNB key used between the UE and the source eNB from the eNB key used between the UE and the target eNB, the former is denoted KeNB and the latter is denoted KeNB*. The method of deriving the key from the current KeNB is called the horizontal key derivation mechanism, and the method of deriving the key from the NH is called the vertical key derivation mechanism. When the KeNB* is generated from the KeNB or the NH, the Physical Cell Identity (PCI) and the downlink frequency (EARFCN-DL) of the target cell should be bound into the derivation.
It can be seen that only the UE and the MME can compute the current NH; the gateway cannot compute it. Thus, if the handover terminates at the gateway, the gateway cannot obtain the current NH. Accordingly, the conventional communication method discussed above has many security disadvantages, and it does not solve the problem of keeping the secure key chain working when the handover terminates at the gateway.
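To make the key chain of FIG. 4 and the gateway limitation concrete, the following Python model is added here; it is not part of the patent text. It derives the initial KeNB, the NH chain with its NCC values, and the horizontal and vertical KeNB* derivations bound to the target cell's PCI and EARFCN-DL, and shows that a gateway holding only the current KeNB can reproduce the horizontal derivation but not the vertical one. The HMAC-SHA-256 KDF shape and the FC values 0x11, 0x12 and 0x13 are assumptions modelled on 3GPP TS 33.401 Annex A, and all sample key, COUNT, PCI and EARFCN-DL values are constructed.

```python
import hmac
import hashlib


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """3GPP-style KDF: HMAC-SHA-256 over S = FC || P0 || L0 || P1 || L1 ...
    FC values and parameter encodings are assumptions, not taken from the patent."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def initial_kenb(kasme: bytes, nas_ul_count: int) -> bytes:
    # Initial KeNB: bound to KASME and the NAS uplink COUNT (NCC 0, "virtual" NH)
    return kdf(kasme, 0x11, nas_ul_count.to_bytes(4, "big"))


def next_nh(kasme: bytes, prev: bytes) -> bytes:
    # Vertical chain step: NH(NCC=n+1) from KASME and the previous KeNB/NH.
    # Requires KASME, which only the UE and the MME hold.
    return kdf(kasme, 0x12, prev)


def kenb_star(base: bytes, pci: int, earfcn_dl: int) -> bytes:
    # KeNB* from the current KeNB (horizontal) or from an NH (vertical),
    # bound to the target cell's PCI and EARFCN-DL
    return kdf(base, 0x13, pci.to_bytes(2, "big"), earfcn_dl.to_bytes(2, "big"))


def nh_chain(kasme: bytes, nas_ul_count: int, depth: int) -> list:
    """UE/MME view of the chain: [(NCC, key)], NCC 0 = initial KeNB, NCC n = n-th NH."""
    chain = [(0, initial_kenb(kasme, nas_ul_count))]
    for ncc in range(1, depth + 1):
        chain.append((ncc, next_nh(kasme, chain[-1][1])))
    return chain


class Gateway:
    """Hypothetical handover anchor that knows the current KeNB and its NCC, but not KASME."""

    def __init__(self, kenb: bytes, ncc: int):
        self.kenb, self.ncc = kenb, ncc

    def kenb_star_for(self, target_ncc: int, pci: int, earfcn_dl: int) -> bytes:
        if target_ncc > self.ncc:
            # A fresher NH can only be derived from KASME; the gateway cannot produce it
            raise ValueError("vertical derivation needs NH(NCC=%d), unavailable without KASME" % target_ncc)
        return kenb_star(self.kenb, pci, earfcn_dl)  # horizontal derivation only


# Constructed sample values (not from any real network)
KASME = bytes.fromhex("00" * 16 + "11" * 16)
CHAIN = nh_chain(KASME, nas_ul_count=7, depth=2)
GW = Gateway(CHAIN[0][1], 0)
```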